Article ID: 127860, created on Dec 25, 2015, last review on Dec 25, 2015

  • Applies to:
  • Plesk 12.0 for Linux
  • Plesk 10.4 for Linux/Unix
  • Plesk 10.2 for Linux/Unix
  • Plesk 11.0 for Windows
  • Plesk 10.4 for Windows


I would like to disable DNS recursion; the PCI compliance check fails because recursive DNS queries are allowed.


To disable recursive DNS queries follow these steps:

  1. Log in to Parallels Plesk Panel as the administrator.
  2. Go to Tools and Utilities > General Settings: DNS Template > DNS Recursion tab.
  3. Switch the recursion setting to Deny and click the Set button.

To allow localhost queries, follow these steps:

  1. Log in to the Plesk server as the administrator.
  2. Open the file %plesk_dir%\dns\etc\named.user.conf for editing.
  3. Set the following entry:

    allow-recursion  {localhost; }; 
  4. Restart the DNS server. If he Microsoft DNS server is used, the Deny option cannot be selected. Select Allow for local requests only, or switch the DNS server to the BIND DNS server on Tools & Settings > Server Components.

WARNING: If DNS recursion is disabled, then the DNS server must not be used as the default resolver by any other server or service. Otherwise, attempts to resolve external names will fail due to disabled recursion, which may lead to problems. For example, the mail server will not be able to send mail out since all attempts to resolve MX records for external domains will fail.

29d1e90fd304f01e6420fbe60f66f838 56797cefb1efc9130f7c48a7d1db0f0c a914db3fdc7a53ddcfd1b2db8f5a1b9c 514af229ae32522202a910a2649c80fb 85a92ca67f2200d36506862eaa6ed6b8 bd7fc88cf1b01f097749ae6f87272128 e8756e9388aeca36710ac39e739b2b37 dd0611b6086474193d9bf78e2b293040 d3c493291d6d9f66837ac7495dfea9ca 2a5151f57629129e26ff206d171fbb5f e335d9adf7edffca6a8af8039031a4c7 ff5a00b8ead2e480367b019417a04207 c796c01d6951fa24ed54c7f1111667c6

Email subscription for changes to this article
Save as PDF